npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

receipt-cli-eth

v1.0.9

Published

Sign cryptographic receipts. Free. Patent Pending: US 63/926,683

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

amann805amann805

Keywords

receiptethereumsignatureclicryptoaigovernance

Readme

receipt-cli-eth

Sign cryptographic receipts. Free. No middleman.

Signing is free. The --pay flag optionally sends a 0.0001 ETH tip to support development.

npx receipt-cli-eth sign "Final Boss built this" --out receipt.json
npx receipt-cli-eth verify receipt.json

Project Names

| Name | What | |------|------| | GitHub repo | 805-ai/receipt-cli | | npm package / CLI | receipt-cli-eth | | SDK | receipt-sdk |

Key Handling (IMPORTANT)

Do NOT pass private keys on the command line unless you understand the risks:

  • Shell history exposure
  • CI logs leaking secrets
  • Process list visibility

Recommended: Environment Variable

macOS/Linux:

export RECEIPT_KEY="0xYOUR_PRIVATE_KEY"
npx receipt-cli-eth sign "Final Boss built this" --out receipt.json

Windows PowerShell:

$env:RECEIPT_KEY="0xYOUR_PRIVATE_KEY"
npx receipt-cli-eth sign "Final Boss built this" --out receipt.json

CI-safe: stdin

macOS/Linux:

printf "%s" "$RECEIPT_KEY" | npx receipt-cli-eth sign "message" --key-stdin --out receipt.json

Windows PowerShell:

echo $env:RECEIPT_KEY | npx receipt-cli-eth sign "message" --key-stdin --out receipt.json

File-based

npx receipt-cli-eth sign "message" --key-file ~/.receipt/key --out receipt.json

Ensure key file is chmod 600 (owner read/write only) on Unix systems.

Legacy (discouraged)

npx receipt-cli-eth sign "message" --key 0xYOUR_PRIVATE_KEY --out receipt.json

Install

npm install -g receipt-cli-eth

Usage

Sign a message

receipt-cli-eth sign "Your message here" --out receipt.json

Verify a receipt

receipt-cli-eth verify receipt.json

Options

| Option | Description | |--------|-------------| | --key, -k | Private key (DISCOURAGED - prefer RECEIPT_KEY env) | | --key-stdin | Read key from stdin (CI-safe) | | --key-file <path> | Read key from file | | --out, -o | Output file (default: receipt.json) | | --pay | Optional tip (0.0001 ETH) to support development |

Receipt Format

Version: 1

{
  "message": "Final Boss built this",
  "timestamp": "2025-12-25T12:00:00.000Z",
  "signer": "0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266",
  "signature": "0x..."
}

Signing Rule (for cross-language verification)

| Property | Value | |----------|-------| | Scheme | EIP-191 personal_sign (eth_sign with \x19Ethereum Signed Message:\n prefix) | | Signed bytes | UTF-8 encoding of JSON.stringify({ message, timestamp, signer }) | | Field order | Exactly: message, timestamp, signer (JavaScript insertion order) | | Timestamp | ISO 8601 with milliseconds: YYYY-MM-DDTHH:mm:ss.sssZ | | Recovery | ethers.utils.verifyMessage(payload, signature) returns signer address |

Canonical payload example:

{"message":"Final Boss built this","timestamp":"2025-12-25T12:00:00.000Z","signer":"0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266"}

Verifiers in other languages must construct this exact string (no extra whitespace, fields in order) before applying EIP-191 recovery.

Verify Behavior

| Condition | Exit Code | Output | |-----------|-----------|--------| | Valid signature | 0 | Prints signer address, message, timestamp | | Invalid signature | 1 | Prints "INVALID - signature mismatch" | | Malformed receipt | 1 | Error message |

Use in CI:

npx receipt-cli-eth verify receipt.json && echo "Valid" || echo "Invalid"

SDK

For programmatic use:

npm install receipt-sdk
const { quickSign, verify } = require('receipt-sdk');
const receipt = await quickSign('message', privateKey);
const result = verify(receipt);

License

MIT - Built by Final Boss Technology, Inc.

Patent Notice

Patent Pending: US 63/926,683, US 63/917,247, and related applications.

The cryptographic receipt architecture implemented in this software is protected by pending patent applications assigned to Final Boss Technology, Inc.

(c) 2025 Final Boss Technology, Inc. All rights reserved.